shredbx logo
shredbx shredbx shredbx shredbx Personal
  • Home
  • Lab
  • Portfolio
  • Experience
  • Services
  • Profile
  • Contact
AClaude
  • Home
  • Lab
  • Portfolio
  • Experience
  • Services
  • Profile
  • Contact
Andrei Solovev
Knowledge
Search knowledge... ⌘K
Knowledge · Guidelines · architecture

Credential Management

How to securely store and reference credentials in SBX workspace projects

Andrei Solovev

Metadata

architecture recommended

Procedures

Showing 3 of 7

  1. 1 Store all credentials in 1Password
    Use the project vault with environment separation: op://{project}-{env}/...
    op://sbx-dev/postgres/password
  2. 2 Reference via op:// URI in workspace YAML
    Use the credential_ref field in ConnectionConfig, never inline passwords
    credential_ref: op://sbx-dev/postgres/password
    # NEVER: password: "mysecret123"
  3. 3 Mask credentials in API responses
    Any API endpoint returning connection config must replace credential values with masked placeholders
    // Go: masking in API handler
    config.Password = "••••••••"
    config.SecretAccessKey = "••••••••"

Tools

  • 1Password CLI
  • SBX vault package
  • SBX op-adapter

References

  • external OWASP Secret Management Cheat Sheet
shredbx logo shredbx shredbx shredbx shredbx Andrei Solovev

Solution Architect & Lead Software Engineer

ExperiencePortfolioResearch & ExperimentsEducationCertificationSkills
GitHub ↗LinkedIn ↗Email ↗
AVAILABLE FOR NEW PROJECTS
// MY LATEST BEATS
Hobby & Interests

Lab

  • The Lab
  • Framework
  • Components
  • Packages
  • Games
  • Process (SDLC)
  • Knowledge
  • Blog

Andrei

  • Portfolio
  • Experience
  • Services
  • Profile
  • Contact
  • Lifestyle

Team

  • Team
  • Andrei
  • Claude

Legal

  • Privacy
  • Terms
  • Cookies
© 2026 shredbx.com. All rights reserved. — Andrei Solovev |